urlscan.io logo urlscan.io
SecurityTrails logo

www.duping.net Open in urlscan Pro
160.153.63.167  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Submission: On June 07 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 160.153.63.167, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is www.duping.net.
This is the only time www.duping.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 160.153.63.167 398101 (GO-DADDY-...)
1 2a04:4e42:a00... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 23.36.163.233 20940 (AKAMAI-ASN1)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
21 5
16    160.153.63.167 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: ip-160-153-63-167.ip.secureserver.net
www.duping.net
1    2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    23.36.163.233 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-233.deploy.static.akamaitechnologies.com
img1.wsimg.com
img6.wsimg.com
2    2a02:26f0:6c00::210:bae3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net
Apex Domain
Subdomains		 Transfer
16 duping.net
www.duping.net
20 KB
3 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 8612
img6.wsimg.com — Cisco Umbrella Rank: 10848
12 KB
2 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 12286
580 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 419
252 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1336
417 B
21 5
Domain Requested by
16 www.duping.net www.duping.net
2 events.api.secureserver.net img1.wsimg.com
2 img1.wsimg.com 2 redirects
1 img6.wsimg.com www.duping.net
1 cdn.jsdelivr.net www.duping.net
1 polyfill.io www.duping.net
21 6

This site contains no links.

Subject Issuer Validity Valid
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-08 -
2023-04-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2021-09-14 -
2022-10-16		 a year crt.sh

This page contains 1 frames:

Primary Page: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Frame ID: 54EB29D1B67674518E1728DC950DCBCE
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

透露一点我的发言。还没有在海外委员会获得多数同意。

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

21
Requests

19 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

284 kB
Transfer

1227 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 302
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request show.php
www.duping.net/XHC/ 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache / PHP/5.6.40
Resource Hash
7131ac9c61821676455ec2491b5eaf15706997ff017282ef91b130b6145b8ff8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
4432
Content-Type
text/html; charset=gb2312
Date
Tue, 07 Jun 2022 12:18:03 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5
Pragma
xhc-return=1451789
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40
XHC11.css
www.duping.net/stylesheets/comm/ 		68 B
356 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.duping.net/stylesheets/comm/XHC11.css
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
1d06c70bf7922b879f5c588308c13ccfaf4f473b484b4f55d14101e66b299f40

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Last-Modified
Tue, 15 May 2012 16:04:19 GMT
Server
Apache
ETag
"6a6042a-44-4c0155aea66c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
68
xhc.js
www.duping.net/javascripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.duping.net/javascripts/xhc.js
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
ab866978e2d645b8c3b95ccd3e4bfe3790d74ec0d56a7e8373615794cfb26e0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Aug 2015 15:53:01 GMT
Server
Apache
ETag
"6a60417-99c-51d1f369cf140-gzip"
Vary
Accept-Encoding
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=5
Content-Length
960
polyfill.min.js
polyfill.io/v3/ 		101 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=es6
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 12:18:04 GMT
content-encoding
br
last-modified
Tue, 10 May 2022 02:34:36 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/102.0.0
server-timing
cache-lax10631, PASS, fastly;desc="Edge time";dur=28
accept-ranges
bytes
content-length
94
tex-mml-chtml.js
cdn.jsdelivr.net/npm/mathjax@3/es5/ 		1 MB
252 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-mml-chtml.js
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8650b6b924184e63ecaf31994c440483d3d9d5affe495e950424dc96885fda88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 12:18:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9338
x-jsd-version
3.2.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19160-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"11e60f-arAZY7q1WQAuImB08MCtgRzGgq8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAGAAv3ViA%2B7XPtoL75cb5QjDYA2vL90sRBoI1gKqK4l4oup4oCpd6kCrOtXXreN3ykaj5Jdsz1WsrULup9AnC6XgBumHQ9P8w7nnv%2BvgWkoztKskyK4asF6CypJhsMi2s%2BflXdK3vhpd1Ky9dg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7179540a784891d1-FRA
dlpl05s.gif
www.duping.net/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.duping.net/images/dlpl05s.gif
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
dbb73788fd449984eef50af67b9b84cfb281e5be4931a168601b641105533c70

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Last-Modified
Tue, 15 May 2012 16:04:01 GMT
Server
Apache
ETag
"6a603e5-d42-4c01559d7be40"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
3394
12open.gif
www.duping.net/images/ 		130 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.duping.net/images/12open.gif
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
4526dcf260c00ea6184baa195ca3dfef6c581a74708f92efe9fba370418281ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Last-Modified
Tue, 15 May 2012 16:04:01 GMT
Server
Apache
ETag
"6a603d0-82-4c01559d7be40"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
130
editor.js
www.duping.net/javascripts/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.duping.net/javascripts/editor.js
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
43bf7cff769802cf032c5732774a7555cb3dd8fab6de6930a3e4cfc773ae895f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 May 2012 17:12:01 GMT
Server
Apache
ETag
"6a60411-2f30-4c0164d079a40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
3430
tccl.min.js
img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/
Redirect Chain
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
H2
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
135, 135
x-amz-version-id
Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-encoding
br
etag
"362d20193a8fed115f99b16a157b7fc4"
x-amz-request-id
N5JSXGJTVEFZM8E9
x-edgeconnect-midmile-rtt
15, 131
x-amz-server-side-encryption
AES256
date
Tue, 07 Jun 2022 12:18:04 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
11155
x-amz-id-2
73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
last-modified
Mon, 11 Apr 2022 14:15:53 GMT
x-edgeconnect-cache-status
2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
date
Tue, 07 Jun 2022 12:18:04 GMT
cache-control
max-age=5
access-control-allow-origin
*
timing-allow-origin
*
content-length
0
expires
Tue, 07 Jun 2022 12:18:09 GMT
screen.css
www.duping.net/stylesheets/comm/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.duping.net/stylesheets/comm/screen.css
Requested by
Host: www.duping.net
URL: http://www.duping.net/stylesheets/comm/XHC11.css
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
c9ccefcafa539f3da0089461cd580b031863c7f9f900b94ebecd49a7f06e2054

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/stylesheets/comm/XHC11.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Sep 2015 23:08:47 GMT
Server
Apache
ETag
"6a60426-242a-51f3054e8fdc0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
2283
bold.gif
www.duping.net/images/ 		77 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.duping.net/images/bold.gif
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
5a06b08f4619c06f877557c20544f7199b6c0e95efeb2aef65d2776edee39175

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Last-Modified
Tue, 15 May 2012 16:04:01 GMT
Server
Apache
ETag
"6a603db-4d-4c01559d7be40"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=5
Content-Length
77
underline.gif
www.duping.net/images/ 		129 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.duping.net/images/underline.gif
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
c9f5ffcaf732a65a9cf83008b2f5ac353f1129bba060796c31dd8a126f01df6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Last-Modified
Tue, 15 May 2012 16:04:01 GMT
Server
Apache
ETag
"6a60407-81-4c01559d7be40"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
129
italic.gif
www.duping.net/images/ 		119 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.duping.net/images/italic.gif
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
5b3b24550734c7243a009de052d2be91afb5dd690e33519fd03ac5e6883ffd37

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Last-Modified
Tue, 15 May 2012 16:04:01 GMT
Server
Apache
ETag
"6a603f6-77-4c01559d7be40"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
119
justifyleft.gif
www.duping.net/images/ 		72 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.duping.net/images/justifyleft.gif
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
0b2241d05bd2fa9b9f31fb0ad0f6d8dd506e9da6f7571d5240d1ba276c93e1a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Last-Modified
Tue, 15 May 2012 16:04:01 GMT
Server
Apache
ETag
"6a603f9-48-4c01559d7be40"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
72
justifycenter.gif
www.duping.net/images/ 		71 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.duping.net/images/justifycenter.gif
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
b3080457b2cbea336d84222dbfb1dd846a4c83832e183b2ef28e2eb8922beca8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Last-Modified
Tue, 15 May 2012 16:04:01 GMT
Server
Apache
ETag
"6a603f8-47-4c01559d7be40"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=5
Content-Length
71
justifyright.gif
www.duping.net/images/ 		71 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.duping.net/images/justifyright.gif
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
3d8c46170afe4329b3fdaa1a45a4a4302929b5ebbe6b1393da5e185ec0374f87

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Last-Modified
Tue, 15 May 2012 16:04:01 GMT
Server
Apache
ETag
"6a603fa-47-4c01559d7be40"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=5
Content-Length
71
indent.gif
www.duping.net/images/ 		131 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.duping.net/images/indent.gif
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
ec2c5285f29f345aaaecdaf73d44a4e9353635a4035fc3d4a50090ab5c9331d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Last-Modified
Tue, 15 May 2012 16:04:01 GMT
Server
Apache
ETag
"6a603f5-83-4c01559d7be40"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=5
Content-Length
131
link.gif
www.duping.net/images/ 		185 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.duping.net/images/link.gif
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
2048b980c17cb3705d8b9fcf33578b477dc7e30d04d74b46aa33ecd587d89d2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Last-Modified
Tue, 15 May 2012 16:04:01 GMT
Server
Apache
ETag
"6a603fc-b9-4c01559d7be40"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
185
image.gif
www.duping.net/images/ 		173 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.duping.net/images/image.gif
Requested by
Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1451789
Protocol
HTTP/1.1
Server
160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-63-167.ip.secureserver.net
Software
Apache /
Resource Hash
63d80cb4e4c76937e673ddcda9e8f51f46f36d859f50aeb5f7368f5903babbe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/XHC/show.php?bbs=11&post=1451789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 12:18:04 GMT
Last-Modified
Tue, 15 May 2012 16:04:01 GMT
Server
Apache
ETag
"6a603f4-ad-4c01559d7be40"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
173
event
events.api.secureserver.net/t/1/tl/ 		43 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1654604284759&dh=www.duping.net&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&vci=872859584&cv=2.0.0&z=305268476&vg=477c6ee9-2573-525e-8878-07d24d8c54da&vtg=477c6ee9-2573-525e-8878-07d24d8c54da&dp=%2FXHC%2Fshow.php&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22p3plcpnl0778%22%2C%22id%22%3A%228450914%22%7D&hit_id=08f35083-5cde-5102-8afe-6e0d57637027&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:bae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
date
Tue, 07 Jun 2022 12:18:05 GMT
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
http://www.duping.net
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ 		43 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1654604285038&dh=www.duping.net&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&vci=872859584&cv=2.0.0&z=1239210186&vg=477c6ee9-2573-525e-8878-07d24d8c54da&vtg=477c6ee9-2573-525e-8878-07d24d8c54da&dp=%2FXHC%2Fshow.php&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22p3plcpnl0778%22%2C%22id%22%3A%228450914%22%7D&hit_id=18faed99-4663-5596-9d15-624817033b9c&ht=perf&tce=1654604283738&tcs=1654604283589&tdc=1654604285034&tdclee=1654604284765&tdcles=1654604284759&tdi=1654604284759&tdl=1654604283998&tdle=1654604283589&tdls=1654604283562&tfs=1654604283561&tns=1654604283561&trqs=1654604283738&tre=1654604283922&trps=1654604283921&tles=1654604285034&tlee=0&nt=navigate&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:bae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.duping.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
date
Tue, 07 Jun 2022 12:18:05 GMT
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
http://www.duping.net
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| init object| MathJax boolean| isEditable boolean| isIE boolean| isGecko boolean| isSafari boolean| isKonqueror function| initiateEditor function| displayEditor function| enableDesigner function| editorCommand function| editorCommandTxt function| editorSwitchMode function| editorUpdate function| editorInsertTags function| editorCleanHtml function| editorFormatText function| editorIsRtfMode function| getRtfEditor function| getTxtEditor function| getToolbar function| addButton function| selOn function| selOff function| selDown function| selUp function| submitForm object| _trfd boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| _trfq object| tccl

3 Cookies

Domain/Path Name / Value
www.duping.net/ Name: PHPSESSID
Value: j16orfrm0sbf7qk4otgrb2jqo7
.duping.net/ Name: _tccl_visitor
Value: 477c6ee9-2573-525e-8878-07d24d8c54da
.duping.net/ Name: _tccl_visit
Value: 477c6ee9-2573-525e-8878-07d24d8c54da

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
events.api.secureserver.net
img1.wsimg.com
img6.wsimg.com
polyfill.io
www.duping.net
160.153.63.167
23.36.163.233
2606:4700::6810:5914
2a02:26f0:6c00::210:bae3
2a04:4e42:a00::282
0b2241d05bd2fa9b9f31fb0ad0f6d8dd506e9da6f7571d5240d1ba276c93e1a0
1d06c70bf7922b879f5c588308c13ccfaf4f473b484b4f55d14101e66b299f40
2048b980c17cb3705d8b9fcf33578b477dc7e30d04d74b46aa33ecd587d89d2c
3d8c46170afe4329b3fdaa1a45a4a4302929b5ebbe6b1393da5e185ec0374f87
43bf7cff769802cf032c5732774a7555cb3dd8fab6de6930a3e4cfc773ae895f
4526dcf260c00ea6184baa195ca3dfef6c581a74708f92efe9fba370418281ec
5a06b08f4619c06f877557c20544f7199b6c0e95efeb2aef65d2776edee39175
5b3b24550734c7243a009de052d2be91afb5dd690e33519fd03ac5e6883ffd37
63d80cb4e4c76937e673ddcda9e8f51f46f36d859f50aeb5f7368f5903babbe7
6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7
7131ac9c61821676455ec2491b5eaf15706997ff017282ef91b130b6145b8ff8
8650b6b924184e63ecaf31994c440483d3d9d5affe495e950424dc96885fda88
ab866978e2d645b8c3b95ccd3e4bfe3790d74ec0d56a7e8373615794cfb26e0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3080457b2cbea336d84222dbfb1dd846a4c83832e183b2ef28e2eb8922beca8
c9ccefcafa539f3da0089461cd580b031863c7f9f900b94ebecd49a7f06e2054
c9f5ffcaf732a65a9cf83008b2f5ac353f1129bba060796c31dd8a126f01df6c
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
dbb73788fd449984eef50af67b9b84cfb281e5be4931a168601b641105533c70
ec2c5285f29f345aaaecdaf73d44a4e9353635a4035fc3d4a50090ab5c9331d5